On Tue, Feb 5, 2019, 9:09 PM Nikita Popov On Mon, Feb 4, 2019 at 1:32 PM Zeev Suraski wrote:
>
> I think the main question we need to decide if we might want to go a step
> further and not just disable PEAR by default, but rather remove the option
> from configure entirely. Either right away in P
On Mon, Feb 4, 2019 at 1:32 PM Zeev Suraski wrote:
>
>
> On Fri, Feb 1, 2019 at 1:27 PM Nikita Popov wrote:
>
>> Hi internals,
>>
>> I would like to suggest that installation of PEAR is disabled by default
>> in
>> PHP 7.4. PR: https://github.com/php/php-src/pull/3781
>
>
> This thread went a bi
On Fri, Feb 1, 2019 at 1:27 PM Nikita Popov wrote:
> Hi internals,
>
> I would like to suggest that installation of PEAR is disabled by default in
> PHP 7.4. PR: https://github.com/php/php-src/pull/3781
This thread went a bit off topic, but to return to its original subject -
I'm also supportiv
On 02/02/2019 01:08, Alice Wonder wrote:
That version has vulnerability, developer fixed it in newer release,
but composer keeps pulling in the older version because that is what
composer provides.
Have you seen
https://packagist.phpcomposer.com/packages/roave/security-advisories ?
It's a
On 02.02.2019 at 16:32, Lester Caine wrote:
> On 02/02/2019 14:28, Peter Kokot wrote:
>
>> About PECL, then I assume we keep it as is for this period also.
>> Unclear, required to install PEAR to be able to run the pecl command,
>> and optionally moving this part elsewhere out of the PHP. Speciall
On 02/02/2019 14:28, Peter Kokot wrote:
About PECL, then I assume we keep it as is for this period also.
Unclear, required to install PEAR to be able to run the pecl command,
and optionally moving this part elsewhere out of the PHP. Specially,
to package maintainers (Linux distros), another repos
Hello,
I understand we won't be able to reach common understanding about
PEAR. But anyway, first of all, thanks for all the answers and
informational feedback.
I'd just like to remind everyone one thing. We're now on a good way to
reach another 7+ years [1] of keeping PEAR in the PHP core with al
On 02/02/2019 02:10, Peter Kokot wrote:
Composer is like static linking compared to PEAR which is liked shared
linking.
Composer can install things globally. I'm not sure I understand why is
this even a discussion Composer vs. PEAR core installer script at the
moment. The pull request is about
> Composer took over the role of such installer in PHP community.
But sadly "composer" is NOT an installer.
(it is a Dependency Manager for PHP)
Ex: not having "role" for files is a nightmare, and make necessary to
use terrible workaround (such as using .gitattributes), and thus making
PHP dev
not this thread.
-- Original --
From: "Alice Wonder";
Date: Sat, Feb 2, 2019 09:08 AM
To: "internals";
Subject: Re: [PHP-DEV] Disable PEAR by default
On 2/1/19 3:06 PM, Peter Kokot wrote:
> Hello,
>
> On Fri, 1 Feb 2019 at 12:44, Joe
> Many PEAR packages are maintained, and they are globally installed
> meaning when a vulnerability is found, there is one to be fixed and
> everything on the system is fixed.
Which is great. Practice showed that global PHP packages are not that
good actually and managing dependencies on a local l
On 2/1/19 5:12 PM, Peter Kokot wrote:
Hello,
On Sat, 2 Feb 2019 at 02:08, Alice Wonder wrote:
I do not like composer. A problem I have encountered, a project
specifies a version for a dependency.
That version has vulnerability, developer fixed it in newer release, but
composer keeps pulling i
On 2/1/19 5:08 PM, Alice Wonder wrote:
On 2/1/19 3:06 PM, Peter Kokot wrote:
Hello,
On Fri, 1 Feb 2019 at 12:44, Joe Watkins wrote:
+1
On Fri, 1 Feb 2019 at 12:35, Sebastian Bergmann
wrote:
Am 01.02.2019 um 12:27 schrieb Nikita Popov:
I would like to suggest that installation of PEAR i
Hello,
On Sat, 2 Feb 2019 at 02:08, Alice Wonder wrote:
> I do not like composer. A problem I have encountered, a project
> specifies a version for a dependency.
>
> That version has vulnerability, developer fixed it in newer release, but
> composer keeps pulling in the older version because that
On 2/1/19 3:06 PM, Peter Kokot wrote:
Hello,
On Fri, 1 Feb 2019 at 12:44, Joe Watkins wrote:
+1
On Fri, 1 Feb 2019 at 12:35, Sebastian Bergmann wrote:
Am 01.02.2019 um 12:27 schrieb Nikita Popov:
I would like to suggest that installation of PEAR is disabled by default
in
PHP 7.4. PR: h
On 1 February 2019 23:06:41 GMT+00:00, Peter Kokot wrote:
>Q2: Follow up question, what to do with PECL scrip then? Is in PHP
>even possible to start a new project such as a pecl command line tool
>that would offer a replacement for current pecl script?
It's certainly possible, and was the aim of
Hello,
On Fri, 1 Feb 2019 at 12:44, Joe Watkins wrote:
>
> +1
>
> On Fri, 1 Feb 2019 at 12:35, Sebastian Bergmann wrote:
>
> > Am 01.02.2019 um 12:27 schrieb Nikita Popov:
> > > I would like to suggest that installation of PEAR is disabled by default
> > in
> > > PHP 7.4. PR: https://github.com/
+1
On Fri, 1 Feb 2019 at 12:35, Sebastian Bergmann wrote:
> Am 01.02.2019 um 12:27 schrieb Nikita Popov:
> > I would like to suggest that installation of PEAR is disabled by default
> in
> > PHP 7.4. PR: https://github.com/php/php-src/pull/3781
>
> +1
>
> --
> PHP Internals - PHP Runtime Develop
Am 01.02.2019 um 12:27 schrieb Nikita Popov:
I would like to suggest that installation of PEAR is disabled by default in
PHP 7.4. PR: https://github.com/php/php-src/pull/3781
+1
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
19 matches
Mail list logo
